<?php require('../data/dbcon.php'); ?>
<?php require('../data/functions.php'); ?>
<?php
session_start();
$error = null;
$UserChk = checkUser($_COOKIE['winnguestbook_u'], $_COOKIE['winnguestbook_auth']);
if( $UserChk == FALSE ) {
	header("location: index.php");
}
?>
<?php

if( isset($_POST['addpost']) ) {

		$add = addPost($_POST, $admin = true);
		if( $add == FALSE ) {
			$error = "<p><span class=\"red\">Sorry, check your info again we could not post this.</span></p>";
			unset($_SESSION['secret']);
			unset($_COOKIE['PHPSESSID']);
		}else{
			$error = "<p class=\"fade\"><span class=\"highlight\">Your post was added!</span></p>";
			unset($_SESSION['secret']);
			unset($_COOKIE['PHPSESSID']);
		}
		
	
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<style type="text/css">@import url('css/admin.css'); </style>

<script type="text/javascript" src="js/prototypejs.js"></script>
<script type="text/javascript" src="js/scriptaculous.js"></script>
<title>Winn Guestbook <?=$version; ?></title>
</head>

<body>
<div id="adminheader">
	<?php include('inc/sitename.php'); ?>
    <ul id="post">
<?php include('inc/header.php'); ?>

<div class="content">
        
        <h3>Post to your guestbook</h3>
		<?=$error; ?>
		<form action="<?=$_SERVER['PHP_SELF']; ?>" method="post">
		<table id="adminpost">
			<tr>
            	<td colspan="2"><p>This post will not need approval, it will display approved to your live site.</p></td>
            </tr>
			<tr>
				<td><p>Name:</p></td>
				<td><input name="name" type="text" value="<?=isset($_POST['name']) ? $_POST['name'] : false; ?>" /></td>
			</tr>
			<tr>
				<td><p>Email:</p></td>
				<td><input name="email" type="text" value="<?=isset($_POST['email']) ? $_POST['email'] : false; ?>" /></td>
			</tr>
			<tr>
            	<td colspan="2"><p id="special">Need to <span class="highlight">highlight</span> something? Use this: &lt;span class="highlight"&gt;Your Text&lt;/span&gt;</p></td>
            </tr>
			<tr>
				<td><p>Your post:</p></td>
				<td><textarea name="post"><?=isset($_POST['post']) ? $_POST['post'] : false; ?></textarea></td>
			</tr>
			<tr>
				<td></td>
				<td><input id="btn" type="submit" value="Post &raquo;" name="addpost" onclick="this.value='posting...'" /></td>
			</tr>
		</table>
		</form>
    
</div>
<?php include('inc/footer.php');?>
</body>
</html>